The New GandCrab Ransomware Tale
When 2018 started, GandCrab a prominent ransomware variant made its debut. The e-threat infected over 50,000 computers while acquired revenue of some $600,000 within not even 4 months. And though Bitdefender has released the decryptor of GandCrab, the malware continues to so dupe inexperienced computer operators that they unwittingly make the ransom payment daily.
Ransomware researchers state that attackers' success with GandCrab depends on how they manage in maintaining the virus' agility such as by continuously updating the ransomware, while keep extending its distribution methods. A major development within the event chain of GandCrab relates to its shift from socially-engineered and spam assaults to use of the Magniber Exploit Kit.
Fortinet the security firm had its researchers analyze and find that attackers were distributing the payload of 3 fresh variants of GandCrab 2.1 within one lone spam campaign. Zdnet.com posted this, April 26, 2018.
The researchers state that the above spam campaign implies that freshly developed variants are getting thrust all at the same time, though probably in different configurations, alternatively just for trying bypassing particular file signatures.
Malwarebytes Lab asserts that Magnitude Exploit Kit at present is employing one fileless methodology, implying that GandCrab payload needn't necessarily be .exe files that makes it harder for detection and immunization. Moreover, the technique continues to provide the manner in which the malware spreads through binary padding as well as network traffic capture.
In a warning by Fortinet, users contaminated with GandCrab mustn't make the ransom payment as it doesn't necessarily mean that the attackers would respond favorably. As per recent statistics, merely 25% of victims who actually make a ransom payment really have their files unlocked and restored.
According to security researchers, the best way for coping with GandCrab or any other ransomware is for maintaining one backup all the time so as for effectively recovering one hijacked PC. Besides, safe practices and good hygiene on cyber-space along with loading of all new security updates are important.
» SPAMfighter News - 02-05-2018
We are happy to see you are reading our IT Security News.
We do believe, that the foundation for a good work environment starts with fast, secure and high performing computers. If you agree, then you should take a look at our Business Solutions to Spam Filter & Antivirus for even the latest version of Exchange Servers - your colleagues will appreciate it!